|
201561
|
9.8 |
CRITICAL
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 174857.
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2020-4193
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201562
|
4.4 |
MEDIUM
Local
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174852.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4191
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201563
|
6.1 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4183
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201564
|
6.5 |
MEDIUM
Adjacent
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 could allow an attacker on the same network to gain access to the Solr dashboard and cause a denial of service attack. IBM X-Force ID: 176997.
|
NVD-CWE-noinfo
|
CVE-2020-4307
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201565
|
6.7 |
MEDIUM
Local
|
ibm
|
security_guardium
|
IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to extern…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4190
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201566
|
5.3 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174805.
|
NVD-CWE-noinfo
|
CVE-2020-4187
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201567
|
6.1 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4182
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201568
|
8.8 |
HIGH
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerabilit…
|
CWE-78
OS Command
|
CVE-2020-4180
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201569
|
9.8 |
CRITICAL
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, o…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4177
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201570
|
5.9 |
MEDIUM
Network
|
nozbe
|
watermelondb
|
In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and caus…
|
-
|
CVE-2020-4035
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
